Privacy Policy

Effective: 19 April 2026 · Version 1.0

1. Data Controller

SRINI OÜ Registry code: 14449790
Address: A.H.Tammsaare tee 56, 11316 Tallinn, Estonia
Email: info@maasikavillad.ee
Phone: +372 5373 6986
Website: maasikavillad.ee

This Privacy Policy explains how SRINI OÜ ("we", "us") collects, uses and protects personal data in connection with the Maasika Villa holiday home booking service and website, in accordance with the EU General Data Protection Regulation (GDPR, 2016/679) and applicable Estonian law.

2. Personal Data We Collect and Why

2.1 Booking data

When you submit a booking request, we collect the following personal data:

Data	Purpose	Legal basis	Retention
Name, email, phone	Confirming the booking and communication	Contract performance (Art 6(1)(b))	7 years
Check-in/out dates, guest count	Managing the reservation	Contract performance (Art 6(1)(b))	7 years
Message / special requests	Providing the service	Contract performance (Art 6(1)(b))	7 years
Payment transaction reference	Payment processing	Contract performance (Art 6(1)(b))	7 years
IP address	Security, fraud prevention	Legitimate interest (Art 6(1)(f))	1 year

The 7-year retention period is required under the Estonian Accounting Act (§ 12), which mandates retention of accounting documents for at least 7 years.

2.2 Contact form data

Data	Purpose	Legal basis	Retention
Name, email, phone	Responding to your enquiry	Legitimate interest (Art 6(1)(f))	2 years
Message	Understanding the enquiry	Legitimate interest (Art 6(1)(f))	2 years
IP address	Spam prevention	Legitimate interest (Art 6(1)(f))	1 year

2.3 Technical data (logs and sessions)

Data	Purpose	Legal basis	Retention
Admin activity logs (email, role, action, IP)	Security, audit trail	Legitimate interest (Art 6(1)(f))	1 year (max 2,000 entries)
Session cookie (maasika_admin)	Admin login session	Contract performance (Art 6(1)(b))	Browser session
Login rate-limiting (hashed IP)	Brute-force protection	Legitimate interest (Art 6(1)(f))	5 minutes

2.4 Cookies

Cookie	Type	Purpose	Duration
maasika_admin	Essential	Admin session management	Browser session
mv_cookie_consent	Essential	Remembering your cookie preferences	1 year (localStorage)
Google Analytics (_ga, _gid)	Analytics	Website usage analysis	Up to 2 years (with consent)
Meta Pixel (_fbp)	Marketing	Targeted advertising on Facebook/Instagram	Up to 3 months (with consent)

Optional cookies are only used with your prior consent, which you may withdraw at any time. To manage your cookie preferences, .

3. Data Processors and Third Parties

We share personal data only to the extent necessary to provide the service. All processors are contractually obligated to ensure GDPR-compliant data protection.

Party	Role	Data shared	Location
Modena Estonia OÜ modena.ee	Payment processing	Name, email, phone, booking amount and dates	Estonia (EU)
Microsoft Corporation Office 365	Email delivery	Email address, booking details in email content	EU/EEA (SCCs)
veebimajutus.ee (Elkdata OÜ)	Web hosting	All server data (stored in Estonia)	Estonia (EU)
Google LLC Google Maps	Embedded maps	IP address and technical info when the map loads	USA (SCCs / adequacy)
Google LLC Google Analytics	Analytics (with consent)	Pseudonymised usage data	USA (SCCs / adequacy)
Meta Platforms, Inc. Facebook / Instagram Pixel	Marketing (with consent)	Pseudonymised usage data	USA (SCCs / adequacy)
Booking.com B.V.	External booking platform	Booking.com manages bookings made through their platform under their own privacy policy	Netherlands (EU)

SCCs = EU Standard Contractual Clauses. Where data is transferred outside the EEA, we ensure an adequate level of protection through appropriate safeguards.

4. Your Rights

Under the GDPR you have the following rights regarding your personal data:

Right of access (Art 15) — you may request a copy of the personal data we hold about you.
Right to rectification (Art 16) — inaccurate data will be corrected without undue delay.
Right to erasure (Art 17) — you may request deletion where there is no longer a valid basis for processing.
Right to restriction (Art 18) — in certain circumstances you may request that processing be temporarily suspended.
Right to data portability (Art 20) — you may receive your data in a structured, machine-readable format.
Right to object (Art 21) — you may object to processing based on legitimate interests.
Right to withdraw consent (Art 7(3)) — you may withdraw consent for optional cookies at any time, without affecting prior processing.

To exercise your rights, contact us at info@maasikavillad.ee. We will respond without undue delay and no later than 30 days from receipt of your request.

If you believe your data is being processed unlawfully, you have the right to lodge a complaint with the Estonian Data Protection Inspectorate:

Data Protection Inspectorate (Andmekaitse Inspektsioon)
Tatari 39, 10134 Tallinn, Estonia
info@aki.ee · www.aki.ee

5. Data Security and Retention

Personal data is retained only for as long as necessary for the purpose for which it was collected, or as required by law.

Security measures include:

HTTPS-encrypted data transmission (TLS)
Passwords stored only as one-way hashes (Argon2id)
Access restricted to authorised staff based on role
Automatic session timeout after 2 hours of inactivity
CSRF protection on all forms
IP-based rate limiting on login attempts

All data is stored on veebimajutus.ee servers in Estonia. Backups are retained for up to 30 days.

6. Minors

Maasika Villa's services are directed at adults. We do not knowingly collect personal data from individuals under the age of 16. If you are a parent or guardian and believe that a child's data has been shared with us without authorisation, please contact us immediately.

7. Changes to This Policy

We reserve the right to update this Privacy Policy. For significant changes we will notify you by email (for guests with existing bookings) or via a notice on the website. The effective date at the top of this page shows when it was last updated.

8. Contact

SRINI OÜ — Maasika Villa Registry code: 14449790
A.H.Tammsaare tee 56, 11316 Tallinn, Estonia
Email: info@maasikavillad.ee
Phone: +372 5373 6986

← Back to homepage